Stored Procedures are EVIL
By Tony Marston2006-09-07
Stored procedures are not as brittle as dynamic SQL
|
|
Some people argue that putting ad-hoc SQL in your business layer (BL) code is not that good. Agreed, but who said that the only alternative is stored procedures? Why not have a DAL that generates the SQL query at runtime based on information passed to it by the BL? It is correct to say that small changes to the database can have severe impacts on the application. However, changes to a relational model will always have an impact on the application that targets that model: add a non-nullable column to a table and you will see what I mean. You can use stored procedures or ad-hoc queries, you have to change the calling code to make sure that column gets a value when a new row is inserted. For Ad-hoc queries, you change the query, and you're set. For stored procedures, you have to change the signature of the stored procedure, since the INSERT/UPDATE procs have to receive a value for the new column. This can break other code targeting the stored procedure as well, which is a severe maintenance issue. A component which generates the SQL on the fly at runtime doesn't suffer from this: it will for example receive an entity which has to be saved to the database, that entity contains the new field, the SQL is generated and the entity is saved. No maintenance problems. With a stored procedure this wouldn't be possible.
Tutorial Pages:
» Stored Procedures are EVIL
» Stored procedures are not as brittle as dynamic SQL
» Stored procedures are more secure
» Stored procedures are more efficient
» The company has paid for them, so why not use them?
» Application code or database code - it's still code, isn't it?
» It mangles the 3 Tier structure
» Stored procedures are a maintenance problem
» Stored procedures take longer to test
» BL in stored procedures does not scale
» Stored procedures are not customisable
» Database triggers are hidden from the application
» Version Control
» Vendor lock-in
» References
|
